This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login.
Q1: What is this vulnerability? (Essence + Consequences)
- **Essence**: A critical **Privilege Escalation** flaw in the WordPress plugin "REST API | Custom API Generator". …
- **Affected Product**: WordPress Plugin: **REST API | Custom API Generator For Cross Platform And Import Export In WP**.
- **Vendor**: WebOccults.
- **Versions**: **1.0.0 to 2.0.3**.

Q4: What can hackers do? (Privileges/Data)
- **Privileges**: Attackers can escalate to **Administrator** level.
- **Data Access**: Full read/write access to the WordPress database, users, and content.
- **Impact**: Complete site takeover.

Q5: Is the exploitation threshold high? (Auth/Config)
- **Threshold**: **Extremely Low**.
- **Auth**: **Unauthenticated**. No login required.
- **Config**: Exploits exposed REST API endpoints directly.

Q6: Is there a public exploit? (PoC/Wild Exploitation)
- **Public Exploit**: **Yes**.
- **PoC**: Available on GitHub (Nxploited/CVE-2025-5288).
- **Method**: Send a crafted `user.json` file to the API endpoint to create an admin user.

Q7: How to self-check? (Features/Scanning)
**Self-Check**:
1. Check installed plugins for **"REST API | Custom API Generator"**.
2. Verify the version is **≤ 2.0.3**.
3. Scan for exposed REST API endpoints handling user imports without auth.
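As an added example (not from the original analysis or from the plugin vendor), a small Python check that mirrors self-check steps 1 and 2: it reads the JSON output of `wp plugin list --fields=name,title,version,status --format=json`, matches the plugin by title, and flags versions inside the affected range 1.0.0 to 2.0.3. The plugin slug in the sample is a placeholder because the page does not give it, and the sample output is constructed.

```python
import json

# Affected range stated in the summary: 1.0.0 through 2.0.3 inclusive.
AFFECTED_MIN = (1, 0, 0)
AFFECTED_MAX = (2, 0, 3)
# Match on the plugin title; the slug is not given on the page, so it is not relied on (assumption).
TITLE_MARKER = "custom api generator"


def parse_version(v):
    """Turn '2.0.3' (or '2.0.3-beta1') into a tuple of ints; parsing stops at the first non-numeric part."""
    parts = []
    for chunk in v.strip().split("."):
        digits = ""
        for ch in chunk:
            if not ch.isdigit():
                break
            digits += ch
        if not digits:
            break
        parts.append(int(digits))
    return tuple(parts)


def is_affected(version):
    """True when the version falls inside the affected range; unparseable strings are not flagged."""
    t = parse_version(version)
    if not t:
        return False
    if len(t) < 3:                      # pad so "2" compares like "2.0.0"
        t = t + (0,) * (3 - len(t))
    return AFFECTED_MIN <= t <= AFFECTED_MAX


def find_vulnerable(plugin_list_json):
    """Return [(title, version, status)] for matching plugins whose version is in the affected range."""
    hits = []
    for p in json.loads(plugin_list_json):
        if TITLE_MARKER in p.get("title", "").lower() and is_affected(p.get("version", "")):
            hits.append((p["title"], p["version"], p.get("status", "")))
    return hits


# Constructed sample resembling `wp plugin list --fields=name,title,version,status --format=json`.
SAMPLE = json.dumps([
    {"name": "slug-placeholder", "title": "REST API | Custom API Generator For Cross Platform And Import Export In WP",
     "version": "2.0.3", "status": "active"},
    {"name": "akismet", "title": "Akismet Anti-spam", "version": "5.3", "status": "inactive"},
])

if __name__ == "__main__":
    for title, version, status in find_vulnerable(SAMPLE):
        print(f"AFFECTED: {title} {version} ({status})")
```

A plugin reported as affected but inactive still has its code on disk, so step 1 of the workaround (deactivate or uninstall) applies to it as well.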

Q8: Is it fixed officially? (Patch/Mitigation)
- **Fix**: Update the plugin to the latest version (post-2.0.3).
- **Reference**: Check the WordPress.org plugin page or the vendor site for the patched release.

Q9: What if no patch? (Workaround)
**Workaround (No Patch)**:
1. **Deactivate/Uninstall** the plugin immediately if not needed.
2. Block access to the specific REST API endpoint via `.htaccess` or WAF rules.
3. …